IBM is releasing a family of Granite code models to the open-source community. The aim is to make coding as easy as possible — for as many developers as possible.
Torture is going to downtown #Munich to lead the #RedHat press event on the news from the Red Hat Summit in Denver at a location with a roof terrace that looks down on one of the most famous and oldest vinyl record stores, the Optimal ;)
As a proud member of the open source community since 1995, as being part of the OSS revolution as a #RedHat, #Canonical and #SuSE employee, with regrets I have to admit @geerlingguy is not totally wrong:
RHEL 9.4 is here updated with Python 3.12, PHP 8.2, Podman 4.9, new Identity Management features, enhanced security, and more. https://linuxiac.com/rhel-9-4-released/
The Gnome Project is a wall-garden, but not of the Apple kind. It's a club of mostly #Redhat programmers & a few select others, and either you're in it, or you're not. Your user needs, your bug reports, your patches, all end up on /dev/null. They listen to no one. Never have, never will.
Why must the #UX of any kind of #cryptography related tooling on our systems suck so much?
Today's task - manage CA certificates on our clusters' base-systems using #Ansible.
The canonical way on #RHEL systems seems to be, to use #p11kit's "trust" CLI.
"--help" says to use "trust list" - that sounds easy. I'll just compare those certificate serials against my desired state and then import the delta into the trust store…
But: the unique identifier of "trust list"'s output is a PKCS11 URI!
@flameeyes I feel like I understand how those #UX shortcomings occur.
People deep down in the crypto rabbit-hole might work under the assumption, that anyone operating at their depth will know surely what they're dealing with, so there's no need to explain the basic primitives everywhere.
But I don't get it from the perspective of an enterprise provider like #RedHat - cryptography is a fundamental aspect to operate their product.
Not even a junior should fail at this basic task due to poor #UX
Anecdote: None of my systems are affected since I stick with #Debian stable. So if you use any of the services I host on my home server, we're still all good here.
Headline: #RedHat warns of backdoor in XZ tools used by most #Linux distros
Quote: "PLEASE IMMEDIATELY STOP USAGE OF ANY FEDORA 41 OR FEDORA RAWHIDE INSTANCES for work or personal activity," Red Hat warned on Friday.
Again the FOSS world has proven to be vigilant and proactive in finding bugs and backdoors, IMHO. The level of transparency is stellar, especially compared to proprietary software companies. What the FOSS world has accomplished in 24 hours after detection of the backdoor code in #xz deserves a moment of humbleness. Instead we have flamewars and armchair experts shouting that we must change everything NOW. Which would introduce even more risks. Progress is made iteratively. Learn, adapt, repeat.
A Microsoft engineer discovered a backdoor in the latest Linux release of xz, a popular compression format. Both Debian and Red Hat has issued security advisories for these and a 10/10 CVE was generated for this.
As we at #RedHat made very clear, no versions of RHEL (Red Hat Enterprise Linux) were affected by the #xz backdoor. My two production servers run on RHEL. So I am relaxed. #Goodnight (and before you complain: you can get RHEL for free for up to 16 machines with the developer subscription for individuals)